|
283411
|
- |
|
bibtex
|
mase
|
Multiple PHP remote file inclusion vulnerabilities in bibtex mase beta 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the bibtexrootrel parameter to (1) unavailable.php, (2) so…
|
CWE-94
Code Injection
|
CVE-2007-2260
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283412
|
- |
|
realink
|
c-arbre
|
PHP remote file inclusion vulnerability in espaces/communiques/annotations.php in C-Arbre 0.6PR7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter…
|
NVD-CWE-Other
|
CVE-2007-2261
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283413
|
- |
|
sinato
|
jmuffin
|
Multiple PHP remote file inclusion vulnerabilities in html/php/detail.php in Sinato jmuffin allow remote attackers to execute arbitrary PHP code via a URL in the (1) relPath and (2) folder parameters…
|
CWE-94
Code Injection
|
CVE-2007-2262
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283414
|
- |
|
realnetworks
|
realone_player
realplayer
realplayer_enterprise
|
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) fil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-2263
|
2018-10-17 01:42 |
2007-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283415
|
- |
|
realnetworks
|
realone_player
realplayer
realplayer_enterprise
|
Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a RAM (.r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-2264
|
2018-10-17 01:42 |
2007-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283416
|
- |
|
phpee
|
ya_book
|
Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha allows remote attackers to inject arbitrary web script or HTML via the City field in a sign action in index.php.
|
NVD-CWE-Other
|
CVE-2007-2265
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283417
|
- |
|
progress
|
webspeed_messenger
|
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in …
|
NVD-CWE-Other
|
CVE-2007-2266
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283418
|
- |
|
plogger
|
plogger
|
Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
|
CWE-287
Improper Authentication
|
CVE-2007-2277
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283419
|
- |
|
dcp-portal
|
dcp-portal
|
Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the path parameter to library/adodb/adodb.inc.php, (2) the…
|
NVD-CWE-Other
|
CVE-2007-2278
|
2018-10-17 01:42 |
2007-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283420
|
- |
|
symantec
|
veritas_storage_foundation
|
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the servi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-2279
|
2018-10-17 01:42 |
2007-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
